public/MaxKey
1
0
Fork 0
mirror of https://gitee.com/dromara/MaxKey.git synced 2026-05-14 20:50:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

PasswordPolicyMessageResolver

Browse Source 
PasswordPolicyMessageResolver
This commit is contained in:
Crystal.Sea
2020-08-25 07:58:42 +08:00
parent 9e3456a943
commit 566d8bdb7e
6 changed files with 160 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java
View File

@@ -41,6 +41,7 @@ import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.MessageSource;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
@@ -130,8 +131,8 @@ public class ApplicationAutoConfiguration implements InitializingBean {
}
@Bean(name = "passwordPolicyValidator")
public PasswordPolicyValidator passwordPolicyValidator(JdbcTemplate jdbcTemplate) {
return new PasswordPolicyValidator(jdbcTemplate);
public PasswordPolicyValidator passwordPolicyValidator(JdbcTemplate jdbcTemplate,MessageSource messageSource) {
return new PasswordPolicyValidator(jdbcTemplate,messageSource);
}
@Bean(name = "loginService")

55
maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyMessageResolver.java Normal file
View File

@@ -0,0 +1,55 @@
package org.maxkey.persistence.db;
import java.util.Locale;
import org.passay.MessageResolver;
import org.passay.PropertiesMessageResolver;
import org.passay.RuleResultDetail;
import org.springframework.context.MessageSource;
import org.springframework.context.NoSuchMessageException;
import org.springframework.context.support.MessageSourceAccessor;
public class PasswordPolicyMessageResolver implements MessageResolver{
/** A accessor for Spring's {@link MessageSource} */
private final MessageSourceAccessor messageSourceAccessor;
/** The {@link MessageResolver} for fallback */
private final MessageResolver fallbackMessageResolver = new PropertiesMessageResolver();
/**
* Create a new instance with the locale associated with the current thread.
* @param messageSource a message source managed by spring
*/
public PasswordPolicyMessageResolver(final MessageSource messageSource)
{
this.messageSourceAccessor = new MessageSourceAccessor(messageSource);
}
/**
* Create a new instance with the specified locale.
* @param messageSource a message source managed by spring
* @param locale the locale to use for message access
*/
public PasswordPolicyMessageResolver(final MessageSource messageSource, final Locale locale)
{
this.messageSourceAccessor = new MessageSourceAccessor(messageSource, locale);
}
/**
* Resolves the message for the supplied rule result detail using Spring's {@link MessageSource}.
* (If the message can't retrieve from a {@link MessageSource}, return default message provided by passay)
* @param detail rule result detail
* @return message for the detail error code
*/
@Override
public String resolve(final RuleResultDetail detail)
{
try {
return this.messageSourceAccessor.getMessage(detail.getErrorCode().toLowerCase(), detail.getValues());
} catch (NoSuchMessageException e) {
return this.fallbackMessageResolver.resolve(detail);
}
}
}

11
maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
View File

@@ -34,6 +34,7 @@ import org.passay.dictionary.Dictionary;
import org.passay.dictionary.DictionaryBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.MessageSource;
import org.springframework.core.io.ClassPathResource;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.security.authentication.BadCredentialsException;
@@ -58,6 +59,8 @@ public class PasswordPolicyValidator {
protected JdbcTemplate jdbcTemplate;
MessageSource messageSource;
private static final String PASSWORD_POLICY_KEY = "PASSWORD_POLICY_KEY";
private static final String LOCK_USER_UPDATE_STATEMENT = "UPDATE MXK_USERINFO SET ISLOCKED = ? , UNLOCKTIME = ? WHERE ID = ?";
@@ -72,7 +75,8 @@ public class PasswordPolicyValidator {
public PasswordPolicyValidator() {
}
public PasswordPolicyValidator(JdbcTemplate jdbcTemplate) {
public PasswordPolicyValidator(JdbcTemplate jdbcTemplate,MessageSource messageSource) {
this.messageSource=messageSource;
this.jdbcTemplate = jdbcTemplate;
}
@@ -138,8 +142,9 @@ public class PasswordPolicyValidator {
}
getPasswordPolicy();
PasswordValidator validator = new PasswordValidator(passwordPolicyRuleList);
PasswordValidator validator = new PasswordValidator(
new PasswordPolicyMessageResolver(messageSource),passwordPolicyRuleList);
RuleResult result = validator.validate(new PasswordData(username,password));

33
maxkey-web-maxkey/src/main/resources/messages/message.properties
View File

@@ -257,4 +257,35 @@ navs.myprofile=\u6211\u7684\u8D44\u6599
navs.audit=\u5BA1\u8BA1
navs.audit.login=\u767B\u5F55\u65E5\u5FD7
navs.audit.signon=\u8BBF\u95EE\u65E5\u5FD7
navs.audit.operation=\u64CD\u4F5C\u65E5\u5FD7
navs.audit.operation=\u64CD\u4F5C\u65E5\u5FD7
#password
HISTORY_VIOLATION=Password matches one of %1$s previous passwords.
ILLEGAL_WORD=Password contains the dictionary word '%1$s'.
ILLEGAL_WORD_REVERSED=Password contains the reversed dictionary word '%1$s'.
ILLEGAL_DIGEST_WORD=Password contains a dictionary word.
ILLEGAL_DIGEST_WORD_REVERSED=Password contains a reversed dictionary word.
ILLEGAL_MATCH=Password matches the illegal pattern '%1$s'.
ALLOWED_MATCH=Password must match pattern '%1$s'.
ILLEGAL_CHAR=Password %2$s the illegal character '%1$s'.
ALLOWED_CHAR=Password %2$s the illegal character '%1$s'.
ILLEGAL_QWERTY_SEQUENCE=Password contains the illegal QWERTY sequence '%1$s'.
ILLEGAL_ALPHABETICAL_SEQUENCE=Password contains the illegal alphabetical sequence '%1$s'.
ILLEGAL_NUMERICAL_SEQUENCE=Password contains the illegal numerical sequence '%1$s'.
ILLEGAL_USERNAME=Password %2$s the user id '%1$s'.
ILLEGAL_USERNAME_REVERSED=Password %2$s the user id '%1$s' in reverse.
ILLEGAL_WHITESPACE=Password %2$s a whitespace character.
ILLEGAL_NUMBER_RANGE=Password %2$s the number '%1$s'.
ILLEGAL_REPEATED_CHARS=Password contains %3$s sequences of %1$s or more repeated characters, but only %2$s allowed: %4$s.
INSUFFICIENT_UPPERCASE=Password must contain %1$s or more uppercase characters.
INSUFFICIENT_LOWERCASE=Password must contain %1$s or more lowercase characters.
INSUFFICIENT_ALPHABETICAL=Password must contain %1$s or more alphabetical characters.
INSUFFICIENT_DIGIT=Password must contain %1$s or more digit characters.
INSUFFICIENT_SPECIAL=Password must contain %1$s or more special characters.
INSUFFICIENT_CHARACTERISTICS=Password matches %1$s of %3$s character rules, but %2$s are required.
INSUFFICIENT_COMPLEXITY=Password meets %2$s complexity rules, but %3$s are required.
INSUFFICIENT_COMPLEXITY_RULES=No rules have been configured for a password of length %1$s.
SOURCE_VIOLATION=Password cannot be the same as your %1$s password.
TOO_LONG=Password must be no more than %2$s characters in length.
TOO_SHORT=Password must be %1$s or more characters in length \u592A\u77ED.
TOO_MANY_OCCURRENCES=Password contains %2$s occurrences of the character '%1$s', but at most %3$s are allowed.

31
maxkey-web-maxkey/src/main/resources/messages/message_en.properties
View File

@@ -261,4 +261,33 @@ navs.audit.login=Login
navs.audit.signon=Sign-on
navs.audit.operation=Operation
#password
HISTORY_VIOLATION=Password matches one of %1$s previous passwords.
ILLEGAL_WORD=Password contains the dictionary word '%1$s'.
ILLEGAL_WORD_REVERSED=Password contains the reversed dictionary word '%1$s'.
ILLEGAL_DIGEST_WORD=Password contains a dictionary word.
ILLEGAL_DIGEST_WORD_REVERSED=Password contains a reversed dictionary word.
ILLEGAL_MATCH=Password matches the illegal pattern '%1$s'.
ALLOWED_MATCH=Password must match pattern '%1$s'.
ILLEGAL_CHAR=Password %2$s the illegal character '%1$s'.
ALLOWED_CHAR=Password %2$s the illegal character '%1$s'.
ILLEGAL_QWERTY_SEQUENCE=Password contains the illegal QWERTY sequence '%1$s'.
ILLEGAL_ALPHABETICAL_SEQUENCE=Password contains the illegal alphabetical sequence '%1$s'.
ILLEGAL_NUMERICAL_SEQUENCE=Password contains the illegal numerical sequence '%1$s'.
ILLEGAL_USERNAME=Password %2$s the user id '%1$s'.
ILLEGAL_USERNAME_REVERSED=Password %2$s the user id '%1$s' in reverse.
ILLEGAL_WHITESPACE=Password %2$s a whitespace character.
ILLEGAL_NUMBER_RANGE=Password %2$s the number '%1$s'.
ILLEGAL_REPEATED_CHARS=Password contains %3$s sequences of %1$s or more repeated characters, but only %2$s allowed: %4$s.
INSUFFICIENT_UPPERCASE=Password must contain %1$s or more uppercase characters.
INSUFFICIENT_LOWERCASE=Password must contain %1$s or more lowercase characters.
INSUFFICIENT_ALPHABETICAL=Password must contain %1$s or more alphabetical characters.
INSUFFICIENT_DIGIT=Password must contain %1$s or more digit characters.
INSUFFICIENT_SPECIAL=Password must contain %1$s or more special characters.
INSUFFICIENT_CHARACTERISTICS=Password matches %1$s of %3$s character rules, but %2$s are required.
INSUFFICIENT_COMPLEXITY=Password meets %2$s complexity rules, but %3$s are required.
INSUFFICIENT_COMPLEXITY_RULES=No rules have been configured for a password of length %1$s.
SOURCE_VIOLATION=Password cannot be the same as your %1$s password.
TOO_LONG=Password must be no more than %2$s characters in length.
TOO_SHORT=Password must be %1$s or more characters in length.
TOO_MANY_OCCURRENCES=Password contains %2$s occurrences of the character '%1$s', but at most %3$s are allowed.

33
maxkey-web-maxkey/src/main/resources/messages/message_zh_CN.properties
View File

@@ -257,4 +257,35 @@ navs.myprofile=\u6211\u7684\u8D44\u6599
navs.audit=\u5BA1\u8BA1
navs.audit.login=\u767B\u5F55\u65E5\u5FD7
navs.audit.signon=\u8BBF\u95EE\u65E5\u5FD7
navs.audit.operation=\u64CD\u4F5C\u65E5\u5FD7
navs.audit.operation=\u64CD\u4F5C\u65E5\u5FD7
#password
HISTORY_VIOLATION=Password matches one of %1$s previous passwords.
ILLEGAL_WORD=Password contains the dictionary word '%1$s'.
ILLEGAL_WORD_REVERSED=Password contains the reversed dictionary word '%1$s'.
ILLEGAL_DIGEST_WORD=Password contains a dictionary word.
ILLEGAL_DIGEST_WORD_REVERSED=Password contains a reversed dictionary word.
ILLEGAL_MATCH=Password matches the illegal pattern '%1$s'.
ALLOWED_MATCH=Password must match pattern '%1$s'.
ILLEGAL_CHAR=Password %2$s the illegal character '%1$s'.
ALLOWED_CHAR=Password %2$s the illegal character '%1$s'.
ILLEGAL_QWERTY_SEQUENCE=Password contains the illegal QWERTY sequence '%1$s'.
ILLEGAL_ALPHABETICAL_SEQUENCE=Password contains the illegal alphabetical sequence '%1$s'.
ILLEGAL_NUMERICAL_SEQUENCE=Password contains the illegal numerical sequence '%1$s'.
ILLEGAL_USERNAME=Password %2$s the user id '%1$s'.
ILLEGAL_USERNAME_REVERSED=Password %2$s the user id '%1$s' in reverse.
ILLEGAL_WHITESPACE=Password %2$s a whitespace character.
ILLEGAL_NUMBER_RANGE=Password %2$s the number '%1$s'.
ILLEGAL_REPEATED_CHARS=Password contains %3$s sequences of %1$s or more repeated characters, but only %2$s allowed: %4$s.
INSUFFICIENT_UPPERCASE=Password must contain %1$s or more uppercase characters.
INSUFFICIENT_LOWERCASE=Password must contain %1$s or more lowercase characters.
INSUFFICIENT_ALPHABETICAL=Password must contain %1$s or more alphabetical characters.
INSUFFICIENT_DIGIT=Password must contain %1$s or more digit characters.
INSUFFICIENT_SPECIAL=Password must contain %1$s or more special characters.
INSUFFICIENT_CHARACTERISTICS=Password matches %1$s of %3$s character rules, but %2$s are required.
INSUFFICIENT_COMPLEXITY=Password meets %2$s complexity rules, but %3$s are required.
INSUFFICIENT_COMPLEXITY_RULES=No rules have been configured for a password of length %1$s.
SOURCE_VIOLATION=Password cannot be the same as your %1$s password.
TOO_LONG=Password must be no more than %2$s characters in length.
TOO_SHORT=Password must be %1$s or more characters in length \u592A\u77ED.
TOO_MANY_OCCURRENCES=Password contains %2$s occurrences of the character '%1$s', but at most %3$s are allowed.